diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py index 29e25d86f..aa79f9d25 100644 --- a/apps/users/serializers/user.py +++ b/apps/users/serializers/user.py @@ -512,14 +512,6 @@ def update_user_role(instance, user): class RePasswordSerializer(serializers.Serializer): - email = serializers.EmailField( - required=True, - label=_("Email"), - validators=[validators.EmailValidator(message=ExceptionCodeConstants.EMAIL_FORMAT_ERROR.value.message, - code=ExceptionCodeConstants.EMAIL_FORMAT_ERROR.value.code)]) - - code = serializers.CharField(required=True, label=_("Verification code")) - password = serializers.CharField(required=True, label=_("Password"), validators=[validators.RegexValidator(regex=re.compile( "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z_!@#$%^&*`~.()-+=]+$)(?![a-z0-9]+$)(?![a-z_!@#$%^&*`~()-+=]+$)" @@ -541,28 +533,19 @@ class RePasswordSerializer(serializers.Serializer): def is_valid(self, *, raise_exception=False): super().is_valid(raise_exception=True) - email = self.data.get("email") - cache_code = cache.get(get_key(email + ':reset_password'), version=version) if self.data.get('password') != self.data.get('re_password'): raise AppApiException(ExceptionCodeConstants.PASSWORD_NOT_EQ_RE_PASSWORD.value.code, ExceptionCodeConstants.PASSWORD_NOT_EQ_RE_PASSWORD.value.message) - if cache_code != self.data.get('code'): - raise AppApiException(ExceptionCodeConstants.CODE_ERROR.value.code, - ExceptionCodeConstants.CODE_ERROR.value.message) return True - def reset_password(self): + def reset_password(self, user_id: str): """ 修改密码 :return: 是否成功 """ if self.is_valid(): - email = self.data.get("email") - QuerySet(User).filter(email=email).update( + QuerySet(User).filter(id=user_id).update( password=password_encrypt(self.data.get('password'))) - code_cache_key = email + ":reset_password" - # 删除验证码缓存 - cache.delete(code_cache_key, version=version) return True 
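Review bot: In the second hunk, dropping the cached-code comparison from `is_valid` leaves `RePasswordSerializer` with no evidence that the caller may change this password beyond the `user_id` passed to `reset_password`, so a valid session token alone is enough to set a new password. Consider adding a required current-password field and checking it against the stored hash before the `update(...)`, so a borrowed or stolen token cannot lock the owner out. The docstring still describes only the return value; it should gain a line such as `:param user_id: id of the authenticated user, taken from request.user and never from request data`. The class header and the rest of the `password` validator are outside this hunk, so any check that already exists there is not visible.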
diff --git a/apps/users/views/user.py b/apps/users/views/user.py index 9ec436b45..f753ddfeb 100644 --- a/apps/users/views/user.py +++ b/apps/users/views/user.py @@ -287,12 +287,11 @@ class RePasswordView(APIView): request=ResetPasswordAPI.get_request(), responses=DefaultModelResponse.get_response()) @log(menu='User management', operate='Change password', - get_operation_object=lambda r, k: {'name': r.data.get('email', None)}, - get_user=lambda r: {'user_name': None, 'email': r.data.get('email', None)}, + get_operation_object=lambda r, k: {'name': r.user.username}, get_details=get_re_password_details) def post(self, request: Request): serializer_obj = RePasswordSerializer(data=request.data) - return result.success(serializer_obj.reset_password()) + return result.success(serializer_obj.reset_password(request.user.id)) class SendEmail(APIView): @@ -361,10 +360,8 @@ class ResetCurrentUserPasswordView(APIView): get_operation_object=lambda r, k: {'name': r.user.username}, get_details=get_re_password_details) def post(self, request: Request): - data = {'email': request.user.email} - data.update(request.data) - serializer_obj = RePasswordSerializer(data=data) - if serializer_obj.reset_password(): + serializer_obj = RePasswordSerializer(data=request.data) + if serializer_obj.reset_password(request.user.id): version, get_key = Cache_Version.TOKEN.value cache.delete(get_key(token=request.auth), version=version) return result.success(True)
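Review bot: `RePasswordView.post` now depends on `request.user.id` and `r.user.username`, but the hunk does not show the view's authentication or permission settings, which sit above the decorators and outside the hunk. If this view is still reachable without authentication, as an e-mail-code reset endpoint presumably was, `request.user.id` would be `None`. In that case `filter(id=user_id).update(...)` matches no row and `reset_password` still returns True, so the response reports success for a change that never happened. Confirm the view enforces authentication, and have the serializer check the row count, for example `updated = QuerySet(User).filter(id=user_id).update(...)` followed by `return updated == 1`.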
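Review bot: In `ResetCurrentUserPasswordView.post`, only the token carried by this request is dropped after the password change (`cache.delete(get_key(token=request.auth), version=version)`), and `RePasswordView.post` in the previous hunk drops none. If a user can hold several tokens at once, which the visible lines do not establish, the others presumably remain valid after the change. That matters because a password change is usually the user's response to a suspected compromise. Consider invalidating every token issued to `request.user.id` in both views and adding a comment such as `# a password change must end all existing sessions for this user`. The class header and its authentication settings are outside this hunk.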